vitalik.eth
@VitalikButerin
RT
@LashaAntadze: Let me explain it in simple terms. Since 2024, when we first launched #freedomtool with the Russian opposition, we have been boiling in hot water on the ground to solve each issue and ensure every vote of dissent was secure (there were 40,000 participants). That might look small, but it was the largest protest gathering in Russia since 2021. There are two major caveats when working with passports. First, you need to ensure uniqueness so that 1 vote = 1 passport. For this you have three options: 1. Passport support (active authentication), where you can sign and get a nullifier directly from the document. But since the 2010s, major countries have abandoned support for that standard and it won’t work at scale. 2. An external signer: you can use a TEE, OPRF, secure server, whatever everyone is discussing. It adds an additional secret, and voila, it works. This is the architecture we used for the Russian use case. 3. A third way, which
@LashaAntadze: Let me explain it in simple terms. Since 2024, when we first launched #freedomtool with the Russian opposition, we have been boiling in hot water on the ground to solve each issue and ensure every vote of dissent was secure (there were 40,000 participants). That might look small, but it was the largest protest gathering in Russia since 2021. There are two major caveats when working with passports. First, you need to ensure uniqueness so that 1 vote = 1 passport. For this you have three options: 1. Passport support (active authentication), where you can sign and get a nullifier directly from the document. But since the 2010s, major countries have abandoned support for that standard and it won’t work at scale. 2. An external signer: you can use a TEE, OPRF, secure server, whatever everyone is discussing. It adds an additional secret, and voila, it works. This is the architecture we used for the Russian use case. 3. A third way, which
@LashaAntadze
Let me explain it in simple terms. Since 2024, when we first launched #freedomtool with the Russian opposition, we have been boiling in hot water on the ground to solve each issue and ensure every vote of dissent was secure (there were 40,000 participants). That might look small, but it was the largest protest gathering in Russia since 2021.
There are two major caveats when working with passports. First, you need to ensure uniqueness so that 1 vote = 1 passport. For this you have three options:
1. Passport support (active authentication), where you can sign and get a nullifier directly from the document. But since the 2010s, major countries have abandoned support for that standard and it won’t work at scale.
2. An external signer: you can use a TEE, OPRF, secure server, whatever everyone is discussing. It adds an additional secret, and voila, it works. This is the architecture we used for the Russian use case.
3. A third way, which in my opinion is the purest but requires network effect: so-called “shielded privacy of passport hashes,” where you junk up all the passport hashes in an on-chain registry and reuse them for different use cases, granting everyone plausible deniability.
I call this pure because there is zero dependency on any vendor. You get a system like blockchain was for money. one that works outside anyone’s control and no one can switch off.
When you touch reality, we forget that MPC networks halt operations for certain jurisdictions on governmental notice, that states control bandwidth and can block your traffic, and that wherever you don’t face hostility, participation isn’t a crime and you don’t need these hard setups.
That’s the reality check most builders lack with voting tools. It’s not just an engineering question, it’s a political one. When you hit the ground, you learn it on your skin and the skin of others.
The second problem; governments issuing fake passports can be solved in two ways:
First, a similarity proof of the passport photo and the person holding a phone (we’ve built that with ZKML Bionetta).
Or, the second and more elegant one: a ZK graph, where you build participation commitments over time. That can become a much more valuable foundation to reimagine digital democracy. (We’ve built that too with ERC7812)
So thank you all for your contributions, but it’s still odd that after all these years we’re discussing the same topics, yet no one asks the real question: what are the true barriers to bringing these tools to the masses, and under what circumstances they actually work?